[Ltb-changes] r69 - in self-service-password/trunk: . pages

coudot at ltb-project.org coudot at ltb-project.org
Mon Apr 19 23:01:26 CEST 2010


Author: coudot
Date: 2010-04-19 23:01:25 +0200 (Mon, 19 Apr 2010)
New Revision: 69

Added:
   self-service-password/trunk/pages/resetbyquestions.php
Modified:
   self-service-password/trunk/config.inc.php
   self-service-password/trunk/functions.inc.php
   self-service-password/trunk/lang.inc.php
   self-service-password/trunk/pages/change.php
   self-service-password/trunk/pages/setquestions.php
Log:
#181: page to reset password by questions

Modified: self-service-password/trunk/config.inc.php
===================================================================
--- self-service-password/trunk/config.inc.php	2010-04-16 08:19:39 UTC (rev 68)
+++ self-service-password/trunk/config.inc.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -72,6 +72,7 @@
 $pwd_show_policy = false;
 
 # Who changes the password?
+# Also applicable for question/answer save
 # user: the user itself
 # manager: the above binddn
 $who_change_password = "user";
@@ -81,6 +82,9 @@
 $answer_objectClass = "extensibleObject";
 $answer_attribute = "info";
 
+# Display help messages
+$show_help = true;
+
 # Language
 $lang ="en";
 

Modified: self-service-password/trunk/functions.inc.php
===================================================================
--- self-service-password/trunk/functions.inc.php	2010-04-16 08:19:39 UTC (rev 68)
+++ self-service-password/trunk/functions.inc.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -86,7 +86,7 @@
 # Get message criticity
 function get_criticity( $msg ) {
 	
-	if ( ereg( "nophpldap|nophpmhash|ldaperror|nomatch|badcredentials|passworderror|tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|answermoderror" , $msg ) ) {
+	if ( ereg( "nophpldap|nophpmhash|ldaperror|nomatch|badcredentials|passworderror|tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|answermoderror|answernomatch" , $msg ) ) {
 		return "critical";
 	}
 	
@@ -97,4 +97,123 @@
 	return "ok";
 }
 
+# Display policy bloc
+# @return HTML code
+function show_policy( $lang, $messages, $pwd_min_length, $pwd_max_length, $pwd_min_lower, $pwd_min_upper, $pwd_min_digit, $pwd_min_special, $pwd_forbidden_chars ) {
+        echo "<div class=\"help\">\n";
+        echo "<p>".$messages[$lang]["policy"]."</p>\n";
+        echo "<ul>\n";
+        if ( $pwd_min_length      ) { echo "<li>".$messages[$lang]["policyminlength"]      ." $pwd_min_length</li>\n"; }
+        if ( $pwd_max_length      ) { echo "<li>".$messages[$lang]["policymaxlength"]      ." $pwd_max_length</li>\n"; }
+        if ( $pwd_min_lower       ) { echo "<li>".$messages[$lang]["policyminlower"]       ." $pwd_min_lower</li>\n"; }
+        if ( $pwd_min_upper       ) { echo "<li>".$messages[$lang]["policyminupper"]       ." $pwd_min_upper</li>\n"; }
+        if ( $pwd_min_digit       ) { echo "<li>".$messages[$lang]["policymindigit"]       ." $pwd_min_digit</li>\n"; }
+        if ( $pwd_min_special     ) { echo "<li>".$messages[$lang]["policyminspecial"]     ." $pwd_min_special</li>\n"; }
+        if ( $pwd_forbidden_chars ) { echo "<li>".$messages[$lang]["policyforbiddenchars"] ." $pwd_forbidden_chars</li>\n"; }
+        echo "</ul>\n";
+        echo "</div>\n";
+}
+
+# Check password strength
+# @return result code
+function check_password_strength( $password, $pwd_special_chars, $pwd_forbidden_chars, $pwd_min_length, $pwd_max_length, $pwd_min_lower, $pwd_min_upper, $pwd_min_digit, $pwd_min_special ) {
+
+    $result = "";
+
+    $length = strlen($password);
+    preg_match_all("/[a-z]/", $password, $lower_res);
+    $lower = count( $lower_res[0] );
+    preg_match_all("/[A-Z]/", $password, $upper_res);
+    $upper = count( $upper_res[0] );
+    preg_match_all("/[0-9]/", $password, $digit_res);
+    $digit = count( $digit_res[0] );
+    preg_match_all("/[$pwd_special_chars]/", $password, $special_res);
+    $special = count( $special_res[0] );
+    preg_match_all("/[$pwd_forbidden_chars]/", $password, $forbidden_res);
+    $forbidden = count( $forbidden_res[0] );
+
+    # Minimal lenght
+    if ( $pwd_min_length and $length < $pwd_min_length ) { $result="tooshort"; }
+
+    # Maximal lenght
+    if ( $pwd_max_length and $length > $pwd_max_length ) { $result="toobig"; }
+
+    # Minimal lower chars
+    if ( $pwd_min_lower and $lower < $pwd_min_lower ) { $result="minlower"; }
+
+    # Minimal upper chars
+    if ( $pwd_min_upper and $upper < $pwd_min_upper ) { $result="minupper"; }
+
+    # Minimal digit chars
+    if ( $pwd_min_digit and $digit < $pwd_min_digit ) { $result="mindigit"; }
+
+    # Minimal special chars
+    if ( $pwd_min_special and $special < $pwd_min_special ) { $result="minspecial"; }
+
+    # Forbidden chars
+    if ( $forbidden > 0 ) { $result="forbiddenchars"; }
+
+    return $result;
+}
+
+# Change password
+# @return result code
+function change_password( $ldap, $dn, $password, $ad_mode, $samba_mode, $hash ) {
+
+    $result = "";
+
+    # Set Samba password value
+    if ( $samba_mode ) {
+        $userdata["sambaNTPassword"] = make_md4_password($password);
+        $userdata["sambaPwdLastSet"] = time();
+    }
+
+    # Transform password value
+    if ( $ad_mode ) {
+        $password = "\"" . $password . "\"";
+        $len = strlen($password);
+        for ($i = 0; $i < $len; $i++){
+            $password .= "{$password{$i}}\000";
+        }
+        $password = $password;
+    } else {
+        # Hash password if needed
+        if ( $hash == "SSHA" ) {
+            $password = make_ssha_password($password);
+        }
+        if ( $hash == "SHA" ) {
+            $password = make_sha_password($password);
+        }
+        if ( $hash == "SMD5" ) {
+            $password = make_smd5_password($password);
+        }
+        if ( $hash == "MD5" ) {
+            $password = make_md5_password($password);
+        }
+        if ( $hash == "CRYPT" ) {
+            $password = make_crypt_password($password);
+        }
+    }
+
+    # Set password value
+    if ( $ad_mode ) {
+        $userdata["unicodePwd"] = $password;
+    } else {
+        $userdata["userPassword"] = $password;
+    }
+
+    # Commit modification on directory
+    $replace = ldap_mod_replace($ldap, $dn, $userdata);
+
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "passworderror";
+        error_log("LDAP - Modify password error $errno (".ldap_error($ldap).")");
+    } else {
+        $result = "passwordchanged";
+    }
+
+    return $result;
+}
+
 ?>

Modified: self-service-password/trunk/lang.inc.php
===================================================================
--- self-service-password/trunk/lang.inc.php	2010-04-16 08:19:39 UTC (rev 68)
+++ self-service-password/trunk/lang.inc.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -59,12 +59,15 @@
 $messages['en']['password'] = "Password";
 $messages['en']['question'] = "Question";
 $messages['en']['answer'] = "Answer";
-$messages['en']['setquestionshelp'] = "Initialize or change your password reset question/answer";
+$messages['en']['setquestionshelp'] = "Initialize or change your password reset question/answer. You can then be able to reset your password <a href=\"?action=resetbyquestions\">here</a>.";
 $messages['en']['answerrequired'] = "No answer given";
 $messages['en']['questionrequired'] = "No question selected";
 $messages['en']['passwordrequired'] = "Your password is required";
 $messages['en']['answermoderror'] = "Your answer has not been registered";
 $messages['en']['answerchanged'] = "Your answer has been registered";
+$messages['en']['answernomatch'] = "Your answer is not correct";
+$messages['en']['resetbyquestionshelp'] = "Choose a question and answer it to reset your password. This requires to have already <a href=\"?action=setquestions\">register an answer</a>.";
+$messages['en']['changehelp'] = "Enter your old password and choose a new one. If you forgot your old password, you can try to <a href=\"?action=resetbyquestions\">reset your password by answering questions</a>.";
 
 #==============================================================================
 # French
@@ -106,12 +109,15 @@
 $messages['fr']['password'] = "Mot de passe";
 $messages['fr']['question'] = "Question";
 $messages['fr']['answer'] = "Réponse";
-$messages['fr']['setquestionshelp'] = "Initialisez ou changez votre question/réponse pour la réinitialisation de votre mot de passe";
+$messages['fr']['setquestionshelp'] = "Initialisez ou changez votre question/réponse pour la réinitialisation de votre mot de passe. Vous pourrez ensuite changer votre mot de passe <a href=\"?action=resetbyquestions\">ici</a>.";
 $messages['fr']['answerrequired'] = "Pas de réponse donnée";
 $messages['fr']['questionrequired'] = "Pas de question sélectionnée";
 $messages['fr']['passwordrequired'] = "Vous devez indiquer votre mot de passe";
 $messages['fr']['answermoderror'] = "Votre réponse n'a pas été enregistrée";
 $messages['fr']['answerchanged'] = "Votre réponse a été enregistrée";
+$messages['fr']['answernomatch'] = "Votre réponse est incorrecte";
+$messages['fr']['resetbyquestionshelp'] = "Choisissez une question et répondez-y pour réinitialiser pour votre mot de passe. Vous devez avoir au préalable <a href=\"?action=setquestions\">enregistré une réponse</a>.";
+$messages['fr']['changehelp'] = "Entrez votre ancien mot de passe et choisissez-en un nouveau. Si vous avez oublié votre ancien mot de passen vous pouvez essayer de le <a href=\"?action=resetbyquestions\">réinitialiser en répondant aux questions</a>.";
 
 #==============================================================================
 # German
@@ -151,13 +157,16 @@
 $messages['de']['questions']['birthday'] = "";
 $messages['de']['questions']['color'] = "";
 $messages['de']['password'] = "Passwort";
-$messages['de']['question'] = "";
-$messages['de']['answer'] = "";
+$messages['de']['question'] = "Frage";
+$messages['de']['answer'] = "Antwort";
 $messages['de']['setquestionshelp'] = "";
 $messages['de']['answerrequired'] = "";
 $messages['de']['questionrequired'] = "";
 $messages['de']['passwordrequired'] = "";
 $messages['de']['answermoderror'] = "";
 $messages['de']['answerchanged'] = "";
+$messages['de']['answernomatch'] = "";
+$messages['de']['resetbyquestionshelp'] = "";
+$messages['de']['changehelp'] = "";
 
 ?>

Modified: self-service-password/trunk/pages/change.php
===================================================================
--- self-service-password/trunk/pages/change.php	2010-04-16 08:19:39 UTC (rev 68)
+++ self-service-password/trunk/pages/change.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -51,44 +51,13 @@
 if ( $newpassword != $confirmpassword ) { $result="nomatch"; }
 
 #==============================================================================
-# Check password strenght
+# Check password strength
 #==============================================================================
 if ( $result === "" ) {
-
-    $length = strlen($newpassword);
-    preg_match_all("/[a-z]/", $newpassword, $lower_res);
-    $lower = count( $lower_res[0] );
-    preg_match_all("/[A-Z]/", $newpassword, $upper_res);
-    $upper = count( $upper_res[0] );
-    preg_match_all("/[0-9]/", $newpassword, $digit_res);
-    $digit = count( $digit_res[0] );
-    preg_match_all("/[$pwd_special_chars]/", $newpassword, $special_res);
-    $special = count( $special_res[0] );
-    preg_match_all("/[$pwd_forbidden_chars]/", $newpassword, $forbidden_res);
-    $forbidden = count( $forbidden_res[0] );
-
-    # Minimal lenght
-    if ( $pwd_min_length and $length < $pwd_min_length ) { $result="tooshort"; }
-
-    # Maximal lenght
-    if ( $pwd_max_length and $length > $pwd_max_length ) { $result="toobig"; }
-
-    # Minimal lower chars
-    if ( $pwd_min_lower and $lower < $pwd_min_lower ) { $result="minlower"; }
-
-    # Minimal upper chars
-    if ( $pwd_min_upper and $upper < $pwd_min_upper ) { $result="minupper"; }
-
-    # Minimal digit chars
-    if ( $pwd_min_digit and $digit < $pwd_min_digit ) { $result="mindigit"; }
-
-    # Minimal special chars
-    if ( $pwd_min_special and $special < $pwd_min_special ) { $result="minspecial"; }
-
-    # Forbidden chars
-    if ( $forbidden > 0 ) { $result="forbiddenchars"; }
+    $result = check_password_strength( $newpassword, $pwd_special_chars, $pwd_forbidden_chars, $pwd_min_length, $pwd_max_length, $pwd_min_lower, $pwd_min_upper, $pwd_min_digit, $pwd_min_special );
 }
 
+
 #==============================================================================
 # Change password
 #==============================================================================
@@ -139,62 +108,16 @@
         error_log("LDAP - Bind user error $errno  (".ldap_error($ldap).")");
     } else {
 
-    # Set Samba password value
-    if ( $samba_mode ) {
-        $userdata["sambaNTPassword"] = make_md4_password($newpassword);
-        $userdata["sambaPwdLastSet"] = time();
-    }
-
-    # Transform password value
-    if ( $ad_mode ) {
-        $newpassword = "\"" . $newpassword . "\"";
-        $len = strlen($newpassword);
-        for ($i = 0; $i < $len; $i++){
-            $password .= "{$newpassword{$i}}\000";
-        }
-        $newpassword = $password;
-    } else {
-        # Hash password if needed
-        if ( $hash == "SSHA" ) {
-            $newpassword = make_ssha_password($newpassword);
-        }
-        if ( $hash == "SHA" ) {
-            $newpassword = make_sha_password($newpassword);
-        }
-        if ( $hash == "SMD5" ) {
-            $newpassword = make_smd5_password($newpassword);
-        }
-        if ( $hash == "MD5" ) {
-            $newpassword = make_md5_password($newpassword);
-        }
-        if ( $hash == "CRYPT" ) {
-            $newpassword = make_crypt_password($newpassword);
-        }
-    }
-
     # Rebind as Manager if needed
     if ( $who_change_password == "manager" ) {
         $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
     }
 
-    # Set password value
-    if ( $ad_mode ) {
-        $userdata["unicodePwd"] = $newpassword;
-    } else {
-        $userdata["userPassword"] = $newpassword;
+    # Change password
+    if ($result === "") {
+        $result = change_password($ldap, $userdn, $newpassword, $ad_mode, $samba_mode, $hash);
     }
 
-    # Commit modification on directory
-    $replace = ldap_mod_replace($ldap, $userdn , $userdata);
-
-    $errno = ldap_errno($ldap);
-    if ( $errno ) {
-        $result = "passworderror";
-        error_log("LDAP - Modify password error $errno (".ldap_error($ldap).")");
-    } else {
-        $result = "passwordchanged";
-    }
-    
     }}}}
 
     @ldap_close($ldap);
@@ -208,23 +131,28 @@
 <div class="result <?php echo get_criticity($result) ?>">
 <h2 class="<?php echo get_criticity($result) ?>"><?php echo $messages[$lang][$result]; ?></h2>
 </div>
+
 <?php if ( $result !== "passwordchanged" ) { ?>
+
 <?php
+if ( $show_help ) {
+    echo "<div class=\"help\"><p>";
+    echo $messages[$lang]["changehelp"];
+    echo "</p></div>\n";
+}
+?>
+
+<?php
 if ( $pwd_show_policy ) {
-    echo "<div class=\"help\">\n";
-    echo "<p>".$messages[$lang]["policy"]."</p>\n";
-    echo "<ul>\n";
-    if ( $pwd_min_length      ) { echo "<li>".$messages[$lang]["policyminlength"]      ." $pwd_min_length</li>\n"; }
-    if ( $pwd_max_length      ) { echo "<li>".$messages[$lang]["policymaxlength"]      ." $pwd_max_length</li>\n"; }
-    if ( $pwd_min_lower       ) { echo "<li>".$messages[$lang]["policyminlower"]       ." $pwd_min_lower</li>\n"; }
-    if ( $pwd_min_upper       ) { echo "<li>".$messages[$lang]["policyminupper"]       ." $pwd_min_upper</li>\n"; }
-    if ( $pwd_min_digit       ) { echo "<li>".$messages[$lang]["policymindigit"]       ." $pwd_min_digit</li>\n"; }
-    if ( $pwd_min_special     ) { echo "<li>".$messages[$lang]["policyminspecial"]     ." $pwd_min_special</li>\n"; }
-    if ( $pwd_forbidden_chars ) { echo "<li>".$messages[$lang]["policyforbiddenchars"] ." $pwd_forbidden_chars</li>\n"; }
-    echo "</ul>\n";
-    echo "</div>\n";
+    show_policy($lang, $messages,
+        $pwd_min_length, $pwd_max_length,
+        $pwd_min_lower, $pwd_min_upper,
+        $pwd_min_digit, $pwd_min_special,
+        $pwd_forbidden_chars
+    );
 }
 ?>
+
 <form action="#" method="post">
     <table>
     <tr><th><?php echo $messages[$lang]["login"]; ?></th>
@@ -239,4 +167,5 @@
     <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>" /></td></tr>
     </table>
 </form>
+
 <?php } ?>

Added: self-service-password/trunk/pages/resetbyquestions.php
===================================================================
--- self-service-password/trunk/pages/resetbyquestions.php	                        (rev 0)
+++ self-service-password/trunk/pages/resetbyquestions.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -0,0 +1,193 @@
+<?php
+#==============================================================================
+# LTB Self Service Password
+#
+# Copyright (C) 2009 Clement OUDOT
+# Copyright (C) 2009 LTB-project.org
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# GPL License: http://www.gnu.org/licenses/gpl.txt
+#
+#==============================================================================
+
+# This page is called to reset a password trsuting question/anwser
+
+#==============================================================================
+# POST parameters
+#==============================================================================
+# Initiate vars
+$result = "";
+$login = "";
+$question = "";
+$answer = "";
+$newpassword = "";
+$confirmpassword = "";
+$ldap = "";
+$userdn = "";
+if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; }
+
+if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) { $confirmpassword = $_POST["confirmpassword"]; }
+ else { $result = "confirmpasswordrequired"; }
+if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword = $_POST["newpassword"]; }
+  else { $result = "newpasswordrequired"; }
+if (isset($_POST["answer"]) and $_POST["answer"]) { $answer = $_POST["answer"]; }
+ else { $result = "answerrequired"; }
+if (isset($_POST["question"]) and $_POST["question"]) { $question = $_POST["question"]; }
+ else { $result = "questionrequired"; }
+if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = $_REQUEST["login"]; }
+ else { $result = "loginrequired"; }
+
+# Strip slashes added by PHP
+$login = stripslashes_if_gpc_magic_quotes($login);
+$question = stripslashes_if_gpc_magic_quotes($question);
+$answer = stripslashes_if_gpc_magic_quotes($answer);
+$newpassword = stripslashes_if_gpc_magic_quotes($newpassword);
+$confirmpassword = stripslashes_if_gpc_magic_quotes($confirmpassword);
+
+#==============================================================================
+# Check question/answer
+#==============================================================================
+if ( $result === "" ) {
+
+    # Connect to LDAP
+    $ldap = ldap_connect($ldap_url);
+    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
+    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
+
+    # Bind
+    if ( isset($ldap_binddn) && isset($ldap_bindpw) ) {
+        $bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
+    } else {
+        $bind = ldap_bind($ldap);
+    }
+
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "ldaperror";
+        error_log("LDAP - Bind error $errno (".ldap_error($ldap).")");
+    } else {
+    
+    # Search for user
+    $ldap_filter = str_replace("{login}", $login, $ldap_filter);
+    $search = ldap_search($ldap, $ldap_base, $ldap_filter);
+
+    $errno = ldap_errno($ldap);
+    if ( $errno ) {
+        $result = "ldaperror";
+        error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
+    } else {
+
+    # Get user DN
+    $entry = ldap_first_entry($ldap, $search);
+    $userdn = ldap_get_dn($ldap, $entry);
+
+    if( !$userdn ) {
+        $result = "badcredentials";
+        error_log("LDAP - User $login not found");
+    } else {
+    
+    # Get question/answer values
+    $questionValues = ldap_get_values($ldap, $entry, $answer_attribute);
+    unset($questionValues["count"]);
+    $match = 0;
+
+    # Match with user submitted values
+    foreach ($questionValues as $questionValue) {
+        if (preg_match("/^\{$question\}$answer$/i", $questionValue)) {
+            $match = 1;
+        }
+    }
+
+    if (!$match) {
+        $result = "answernomatch";
+        error_log("Answer does not match question for user $login");
+    }
+
+}}}}
+
+#==============================================================================
+# Check and regsiter new passord
+#==============================================================================
+# Match new and confirm password
+if ( $result === "" ) {
+    if ( $newpassword != $confirmpassword ) { $result="nomatch"; }
+}
+
+# Check password strength
+if ( $result === "" ) {
+    $result = check_password_strength( $newpassword, $pwd_special_chars, $pwd_forbidden_chars, $pwd_min_length, $pwd_max_length, $pwd_min_lower, $pwd_min_upper, $pwd_min_digit, $pwd_min_special );
+}
+
+# Change password
+if ($result === "") {
+    $result = change_password($ldap, $userdn, $newpassword, $ad_mode, $samba_mode, $hash);
+}
+
+#==============================================================================
+# HTML
+#==============================================================================
+?>
+
+<div class="result <?php echo get_criticity($result) ?>">
+<h2 class="<?php echo get_criticity($result) ?>"><?php echo $messages[$lang][$result]; ?></h2>
+</div>
+
+<?php if ( $result !== "passwordchanged" ) { ?>
+
+<?php
+if ( $show_help ) {
+    echo "<div class=\"help\"><p>";
+    echo $messages[$lang]["resetbyquestionshelp"];
+    echo "</p></div>\n";
+}
+?>
+
+<?php
+if ( $pwd_show_policy ) {
+    show_policy($lang, $messages,
+        $pwd_min_length, $pwd_max_length,
+        $pwd_min_lower, $pwd_min_upper,
+        $pwd_min_digit, $pwd_min_special,
+        $pwd_forbidden_chars
+    );
+}
+?>
+
+<form action="#" method="post">
+    <table>
+    <tr><th><?php echo $messages[$lang]["login"]; ?></th>
+    <td><input type="text" name="login" value="<?php echo htmlentities($login) ?>" /></td></tr>
+    <tr><th><?php echo $messages[$lang]["question"]; ?></th>
+    <td>
+    <select name="question">
+
+<?php
+# Build options
+foreach ( $messages[$lang]["questions"] as $value => $text ) {
+    echo "<option value=\"$value\">$text</option>";
+}
+?>
+
+    </select>
+    </td></tr>
+    <tr><th><?php echo $messages[$lang]["answer"]; ?></th>
+    <td><input type="text" name="answer" /></td></tr>
+    <tr><th><?php echo $messages[$lang]["newpassword"]; ?></th>
+    <td><input type="password" name="newpassword" /></td></tr>
+    <tr><th><?php echo $messages[$lang]["confirmpassword"]; ?></th>
+    <td><input type="password" name="confirmpassword" /></td></tr>
+    <tr><td colspan="2">
+    <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>" /></td></tr>
+    </table>
+</form>
+
+<?php } ?>

Modified: self-service-password/trunk/pages/setquestions.php
===================================================================
--- self-service-password/trunk/pages/setquestions.php	2010-04-16 08:19:39 UTC (rev 68)
+++ self-service-password/trunk/pages/setquestions.php	2010-04-19 21:01:25 UTC (rev 69)
@@ -156,9 +156,17 @@
 <div class="result <?php echo get_criticity($result) ?>">
 <h2 class="<?php echo get_criticity($result) ?>"><?php echo $messages[$lang][$result]; ?></h2>
 </div>
+
 <?php if ( $result !== "answerchanged" ) { ?>
-<div class="help"><p><?php echo $messages[$lang]["setquestionshelp"]; ?></p></div>
 
+<?php
+if ( $show_help ) {
+    echo "<div class=\"help\"><p>";
+    echo $messages[$lang]["setquestionshelp"];
+    echo "</p></div>\n";
+}
+?>
+
 <form action="#" method="post">
     <table>
     <tr><th><?php echo $messages[$lang]["login"]; ?></th>
@@ -168,12 +176,14 @@
     <tr><th><?php echo $messages[$lang]["question"]; ?></th>
     <td>
     <select name="question">
+
 <?php
 # Build options
 foreach ( $messages[$lang]["questions"] as $value => $text ) {
     echo "<option value=\"$value\">$text</option>";
 }
 ?>
+
     </select>
     </td></tr>
     <tr><th><?php echo $messages[$lang]["answer"]; ?></th>
@@ -182,4 +192,5 @@
     <input type="submit" value="<?php echo $messages[$lang]['submit']; ?>" /></td></tr>
     </table>
 </form>
+
 <?php } ?>



More information about the ltb-changes mailing list